from passlib.context import CryptContext
from jose import jwt
from app.core.config import settings

pwd_ctx = CryptContext(schemes=["bcrypt"], deprecated="auto")

def hash_password(pw: str) -> str:
    return pwd_ctx.hash(pw)

def verify_password(pw: str, hashed: str) -> bool:
    return pwd_ctx.verify(pw, hashed)

def create_access_token(sub: str) -> str:
    to_encode = {"sub": sub}
    return jwt.encode(to_encode, settings.jwt_secret, algorithm="HS256")